On 30/03/2016 9:40 p.m., Olivier CALVANO wrote:
> Hi
>
> I use:
>
> ## negotiate kerberos and ntlm authentication
> auth_param negotiate program /usr/local/bin/negotiate_wrapper --ntlm
> /usr/bin/ntlm_auth --diagnostics --helper-protocol=squid-2.5-ntlmssp
> --kerberos /usr/lib64/squid/squid_kerb_auth -d -s GSS_C_NO_NAME
> auth_param negotiate children 100 startup=10 idle=1
> auth_param negotiate keep_alive on
>
> ## NTLM authentication module
> auth_param ntlm program /usr/bin/ntlm_auth --diagnostics
> --helper-protocol=squid-2.5-ntlmssp
> auth_param ntlm children 100 startup=10 idle=1
> auth_param ntlm keep_alive on

Try with "keep_alive off" on both of those auth methods. This does not
conflict with connection keep-alive in general, just closes the connection
at a very specific time in the auth handshake. Without that, certain IE and
Firefox can have problems authenticating properly.

Given that the client waited 20 minutes for those WU requests to happen I
doubt it is an actual user. Probably an automated WU background process
doing its thing while they happen to be logged in. Which means the IE
behaviour is relevant.

The yahoo.fr request being 1 hr long is very odd though. That is
something I'd expect to see from a real person user. But not waiting an
hour for. Could they be infected with some toolbar malware?

Amos
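
An added example, not part of the reply above and not Squid project code: one way to triage the behaviour discussed in this thread from an access.log, listing per client the requests held open for a long time and the number of 407 authentication challenges. It assumes Squid's default native log format; the sample lines, hosts and addresses are constructed, and the 10-minute threshold is an assumption.

```python
from collections import defaultdict

# Constructed sample lines in Squid's native access.log format:
# time elapsed_ms client code/status bytes method URL user hierarchy type
SAMPLE_LOG = """\
1459327200.123 1204331 10.0.0.15 TCP_MISS/200 5120 GET http://update.example.test/v9/a.cab user1 HIER_DIRECT/192.0.2.10 application/octet-stream
1459327260.456 3600412 10.0.0.15 TCP_MISS/200 842 GET http://portal.example.test/ user1 HIER_DIRECT/192.0.2.20 text/html
1459327300.789 87 10.0.0.22 TCP_DENIED/407 4021 GET http://portal.example.test/ - HIER_NONE/- text/html
1459327301.012 95 10.0.0.22 TCP_DENIED/407 4310 GET http://portal.example.test/ - HIER_NONE/- text/html
1459327301.501 310 10.0.0.22 TCP_MISS/200 15000 GET http://portal.example.test/ user2 HIER_DIRECT/192.0.2.20 text/html
"""


def parse_line(line):
    """Return a dict for one native-format line, or None if it is malformed."""
    f = line.split()
    if len(f) < 10 or "/" not in f[3]:
        return None
    try:
        elapsed_ms = int(f[1])  # field 2 is the request duration in milliseconds
    except ValueError:
        return None
    code, _, status = f[3].partition("/")
    return {"client": f[2], "elapsed_ms": elapsed_ms, "code": code,
            "status": status, "url": f[6], "user": f[7]}


def triage(log_text, slow_ms=10 * 60 * 1000):
    """Per client: requests held open for slow_ms or longer, and 407 count."""
    report = defaultdict(lambda: {"slow": [], "auth_407": 0})
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue  # skip truncated or non-native lines
        entry = report[rec["client"]]
        if rec["status"] == "407":
            entry["auth_407"] += 1  # proxy authentication challenge
        if rec["elapsed_ms"] >= slow_ms:
            entry["slow"].append((rec["url"], rec["elapsed_ms"] // 1000))
    return dict(report)


if __name__ == "__main__":
    for client, entry in sorted(triage(SAMPLE_LOG).items()):
        print(client, "407 challenges:", entry["auth_407"])
        for url, secs in entry["slow"]:
            print("   held open", secs, "s:", url)
```

Comparing the 407 counts per client before and after switching `keep_alive` shows whether the change affected the handshake for that client.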